-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ted --
...and then [EMAIL PROTECTED] said... % % On Sunday, December 15, 2002, at 08:15 AM, David T-G wrote: % % >...and then [EMAIL PROTECTED] said... % >% ... % >% Most things I've read say to establish a "mysql" user -I take it this % >% is to run the daemon(mysqld?) under? % > % >No; that's a UNIX (or Windows or whatever) user who is running the % >daemon. % % Yes, that's what I meant, but please see below... OK. Good so far, then. % ... % >% mysql db? What mysql privileges does such a user need? % > % >It depends on what the user needs to do. You might have a user who can % >only select from and update in one table of one database, or you might % >have a user (like a backup job user) who can select from any table in % >any % >database. % % What I'm asking about is to use this created user, username = mysql, to % start and I guess stop the server... I mean, is it a mysql user that OK; I gotcha. % starts and stops the daemon? That is what I am trying to understand. % For example: % To me the manual sort of skips in both the Quick Start and the Adding % New Users (section 4.3 and other places), and also this famous website: % http://www.entropy.ch/software/macosx/mysql/#install % (I am not using that installation, I am using Apple's.) % ...seem to skip over what this user named "mysql" is actually for? That user shouldn't need any particular privileges -- and that's because all of the database files should be owned by that user. % ... % >% I usually make "myself" a mysql superuser, should I do that? % > % >Just like you shouldn't casually log in on your machine as root, you % >shouldn't casually use a root mysql user for your work. You might % >make a % >root account for yourself, but also make a normal account and work % >within % >that except when you need special access. % % What privileges might I NOT give myself as a "normal" user? (just % curious, this is not to terribly important for me in this post.) Instead of something like grant all privileges on *.* to tr ; you might want grant all privileges on *.* to myroot ; grant all privileges on trdb to trroot ; grant select on trdb to truser ; or such. Note that I'm not yet a privilege expert :-) and that these examples are not expected to be either accurate or even sensible; you get the idea, though. % % Thanks very much, % Ted Sure thing! % % p.s. I consistently have the problem of starting mysqld manually (which % is what I want here)... the problem is that I ALWAYS have to use sudo % -s, get root... then I can start it. % Do you know why that might be? Probably because the files are currently owned by root. % % So, I am essentially after *this info if nothing else: is there a user % that is either already created by default on my MACHINE (not in mysql) Probably not; the 'create an OS user to run the daemon' step should be part of the installation instructions. I wouldn't expect to have users predefined for every possible application in the world -- including the next great one which hasn't even been written yet :-) % (username = mysql?) such as on my OS X Server (whose docs also do NOT % address this) or that I should Add to my MACHINE, that is *solely for That's a fine and good idea. Some applications prefer to run under their own userids (or even, as in the case of qmail, multiple users for the whole package), while others are happy to run as root; some sysadmins prefer to have all applications under their own IDs anyway even if the app doesn't care one way or another. I do not yet know the security factors of having mysqld run by root, but I shouldn't think you could go wrong running it as its own user. % running mysqld under? Does "running under" mean or include "starting % and stopping"? Yep. % --- % Does anyone know what NetInfo Manager means when it shows a username % (mysql) whose passwd is "*" (an asterisk)? And how I might incorporate % that user into... whatever I need it for? :) No idea here; sorry. Well, some idea... If NetInfo Manager is showing OS accounts, a * in the password entry means that there isn't really a password and you have to su ("switch users", or what sudo does for you in a more structured manner) from the root account (or under sudo management). HTH & HAND mysql query, :-D - -- David T-G * There is too much animal courage in (play) [EMAIL PROTECTED] * society and not sufficient moral courage. (work) [EMAIL PROTECTED] -- Mary Baker Eddy, "Science and Health" http://www.justpickone.org/davidtg/ Shpx gur Pbzzhavpngvbaf Qrprapl Npg! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9/UJ9Gb7uCXufRwARAnQtAJ9stue1qpuiJhmak//k0lyPjBwSwwCg3mSK UN1zCJJ33VjqLxAMb9taxGg= =tGDE -----END PGP SIGNATURE----- --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
